Hi, I'm fairly new to OpenSSL. How do I convert the rsa generated by rsa_keygen_ex() into a public and private key? Is there a way to do that?
-----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Ruden Estolonio Sent: Tuesday, April 12, 2011 7:19 AM To: openssl-users@openssl.org Subject: RE: RSA key On Mon, 2011-04-11 at 17:53 -0400, Dave Thompson wrote: > > From: owner-openssl-us...@openssl.org On Behalf Of pattabi raman > > Sent: Sunday, 10 April, 2011 08:14 > > > I am using the below code snippet and am able to do the encytption. > > > But I need to convert the encrypted format to Binary format inorder > > to pass the encrypted key to a different system. Any one pls suggest > > how to do the same ??? > > What do you mean encrypted key? There is no encrypted key. > There is an encrypt*ion* key -- your file publkey.pem -- > which you should already have obtained *from* the recipient. I'm not sure but probably what he means is converting PEM to DER. I use openssl rsa command in times like this. > > Do you mean the encrypted *data*, which is implied to be CardPin? > The output (data) from RSA_public_encrypt is ALREADY binary. > And it is NOT a null-terminated C string, so > > > sprintf(encpin, > > > "%s",encrypted); > > etc is wrong about 99.999999% of the time. > > Note that most actual systems do not use just encryption; > they usually need to combine with additional information. > Perhaps what you need is some ASN.1 structure *containing* > your data, or an XML structure, etc etc. > > Also, your code is hard to read. Frequently people post code > with too little white space, but yours has far too much. > In several places you check for an error and print a message, > but then proceed to use the null pointer anyway; if/when the > error arises, this will be very wrong. In most cases there is > additional information that would be helpful in your error > message(s): errno/strerror for fopen (or other I/O) problems, > or the OpenSSL error stack (e.g. ERR_print_errors_fp) for openssl. > > Finally, you are assuming 256 bytes is enough for the RSA > encrypted value. If you ever get a publickey over 2048 bits > this will fail badly. It's safer to make this variable > if your environment or protocol allows that, or at least > check that the size of the key provided is not too big. > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
